* At the top you will find a box labeled Output. Please select Minimal Output
* Under Extra Registry, please select Use SafeList
* Now click Run Scan at the top left
In my OTL there is no box with Minimal Output, and neither Extra Registry nor Use SafeList.
Well, I ran the scan anyway, and here are my log files from Malwarebytes and OTL:
Malwarebytes log files:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4077
Windows 6.0.6000
Internet Explorer 7.0.6000.17037
24.06.2010 13:28:54
mbam-log-2010-06-24 (13-28-54).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|)
Durchsuchte Objekte: 215014
Laufzeit: 42 Minute(n), 57 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> No action taken.
C:\Users\sushikiste\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
OTL log files:
OTL Logfile:
OTL logfile created on: 24.06.2010 13:34:23 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\sushikiste\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,04 Gb Total Space | 142,35 Gb Free Space | 49,42% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,83 Gb Free Space | 58,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SUSHIKISTE-PC
Current User Name: sushikiste
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.24 13:32:25 | 000,163,328 | ---- | M] () -- C:\Users\SUSHIK~1\AppData\Local\Temp\Yfr.exe
PRC - [2010.06.24 13:32:22 | 000,171,520 | ---- | M] () -- C:\Users\SUSHIK~1\AppData\Local\Temp\Yfq.exe
PRC - [2010.06.24 12:44:47 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe
PRC - [2010.06.23 19:33:05 | 000,070,656 | RHS- | M] () -- C:\Users\Public\winvsrnc.exe
PRC - [2010.05.13 16:40:02 | 000,040,960 | ---- | M] () -- C:\Users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
PRC - [2010.04.21 01:05:35 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2010.04.21 00:34:24 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.03.18 01:43:38 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.02.18 12:49:40 | 000,357,448 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
PRC - [2010.02.18 12:47:34 | 003,203,144 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
PRC - [2010.02.18 12:25:20 | 000,498,760 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
PRC - [2010.02.18 12:25:10 | 000,477,768 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
PRC - [2010.02.18 12:24:42 | 001,573,448 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2010.02.18 12:24:32 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2010.02.18 12:24:22 | 000,523,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
PRC - [2010.02.18 12:24:12 | 000,676,424 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2007.09.04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2007.03.01 15:38:48 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006.05.29 20:29:46 | 001,708,032 | ---- | M] () -- C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
========== Modules (SafeList) ==========
MOD - [2010.06.24 12:44:47 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe
MOD - [2006.11.02 11:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006.11.02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.05.13 16:40:02 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2010.04.21 01:05:35 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2007.09.04 19:25:44 | 000,131,072 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
========== Driver Services (SafeList) ==========
DRV - [2010.05.29 22:14:49 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.21 18:50:41 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\Windows\System32\SVKP.sys -- (SVKP)
DRV - [2010.03.01 10:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.11.23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV - [2009.11.23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.05.16 06:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008.05.16 06:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008.05.16 06:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008.05.16 06:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008.05.16 06:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008.05.16 06:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008.05.16 06:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2007.09.17 00:07:00 | 007,624,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.09.04 19:26:32 | 000,029,696 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\Windows\nvoclock.sys -- (NVR0Dev)
DRV - [2007.08.27 13:20:34 | 001,062,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007.04.23 14:19:24 | 000,227,328 | ---- | M] (NETGEAR Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007.03.01 16:21:10 | 001,744,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.02.22 03:55:35 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007.02.22 03:55:35 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.02.22 03:55:34 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007.01.06 07:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007.01.06 07:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006.11.02 09:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Ocs_SM] C:\Users\sushikiste\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EBUNWVLUMV] C:\Users\SUSHIK~1\AppData\Local\Temp\Yfr.exe ()
O4 - HKCU..\Run: [Halo2] C:\Benutzer\sushikiste\AppData\Local\Temp\sshnas21.dll File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [NVIDIA nTune] C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKCU..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [Windows System Updates] C:\Users\Public\winvsrnc.exe ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\sushikiste\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} hxxp://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab (EAFO3AXLauncher Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\sushikiste\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\sushikiste\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ab8be8b0-6b5f-11df-a6db-001aa0594040}\Shell - "" = AutoRun
O33 - MountPoints2\{ab8be8b0-6b5f-11df-a6db-001aa0594040}\Shell\AutoRun\command - "" = K:\Launch.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.24 12:44:47 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe
[2010.06.23 19:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.06.23 19:49:52 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\sushikiste\Desktop\HJTInstall.exe
[2010.06.13 18:57:57 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\Desktop\ertert_data
[2010.06.13 18:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2010.06.13 18:57:12 | 002,228,534 | ---- | C] ( ) -- C:\Users\sushikiste\Desktop\audacity-win-1.2.6.exe
[2010.06.13 18:53:40 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Local\PunkBuster
[2010.06.13 18:53:30 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\Documents\EA SPORTS(TM) FIFA Online
[2010.06.13 18:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\EA Sports
[2010.06.13 18:31:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\FIFAOnlineSetup
[2010.06.13 18:31:00 | 005,866,600 | ---- | C] (Electronic Arts) -- C:\Users\sushikiste\Desktop\FIFAOnlineSetup.exe
[2010.06.06 17:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010.06.06 15:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.06.06 15:57:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2010.06.06 15:46:33 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\Desktop\World of Warcraft
[2010.06.06 15:44:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2010.06.04 19:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoftTB
[2010.06.04 19:18:01 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.05.29 22:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\SEGA
[2010.05.29 22:17:53 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2010.05.29 22:14:26 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.05.29 22:14:19 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\AppData\Roaming\DAEMON Tools Lite
[2010.05.29 22:14:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.05.29 21:53:09 | 000,000,000 | ---D | C] -- C:\Users\sushikiste\Desktop\Medieval II - Total War
[2010.05.27 23:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Audio Recorder Pro
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.24 13:36:19 | 002,097,152 | -HS- | M] () -- C:\Users\sushikiste\ntuser.dat
[2010.06.24 13:32:32 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2010.06.24 13:32:29 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010.06.24 13:31:15 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.24 13:31:15 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.24 13:31:14 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.24 13:31:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.24 13:29:43 | 002,773,612 | -H-- | M] () -- C:\Users\sushikiste\AppData\Local\IconCache.db
[2010.06.24 12:44:47 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\sushikiste\Desktop\OTL.exe
[2010.06.24 12:38:41 | 001,461,736 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.24 12:38:41 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.06.24 12:38:41 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.24 12:38:41 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.06.24 12:38:41 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.24 12:35:45 | 000,163,328 | ---- | M] () -- C:\Users\sushikiste\Desktop\Yfr.exe
[2010.06.23 19:50:29 | 000,001,834 | ---- | M] () -- C:\Users\sushikiste\Desktop\HijackThis.lnk
[2010.06.23 19:49:52 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\sushikiste\Desktop\HJTInstall.exe
[2010.06.21 17:54:42 | 000,384,160 | ---- | M] () -- C:\Users\sushikiste\Desktop\Hip hop Beat in Fl studio 8 (Free MP3 Download).sfk
[2010.06.21 17:54:40 | 006,879,088 | ---- | M] () -- C:\Users\sushikiste\Desktop\beathiphoplol.mp3
[2010.06.21 17:47:04 | 000,025,194 | ---- | M] () -- C:\Users\sushikiste\Desktop\saftig.jpg
[2010.06.20 22:50:04 | 000,023,976 | ---- | M] () -- C:\Users\sushikiste\Documents\Wow 2010-06-20 22-41-12-53.avi.sfk
[2010.06.20 22:41:46 | 000,037,888 | ---- | M] () -- C:\Users\sushikiste\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.20 22:41:28 | 447,565,544 | ---- | M] () -- C:\Users\sushikiste\Documents\Wow 2010-06-20 22-41-12-53.avi
[2010.06.18 14:07:22 | 000,000,600 | ---- | M] () -- C:\Users\sushikiste\Documents\Standard.sfvidcap
[2010.06.16 23:24:22 | 000,022,496 | ---- | M] () -- C:\Users\sushikiste\Desktop\lolol.sfk
[2010.06.16 23:22:25 | 002,871,340 | ---- | M] () -- C:\Users\sushikiste\Desktop\lolol.wav
[2010.06.16 23:10:25 | 006,341,539 | ---- | M] () -- C:\Users\sushikiste\Desktop\joshasascha.wmv
[2010.06.16 20:51:06 | 001,177,289 | ---- | M] () -- C:\Users\sushikiste\Desktop\peaceisalie.mp3
[2010.06.16 17:26:15 | 038,965,292 | ---- | M] () -- C:\Users\sushikiste\Desktop\Inner Circle - Sweat [A la la la la long] (Instrumental).wav
[2010.06.16 16:54:15 | 049,164,332 | ---- | M] () -- C:\Users\sushikiste\Desktop\Hip hop Beat in Fl studio 8 (Free MP3 Download).wav
[2010.06.15 00:04:41 | 002,042,465 | ---- | M] () -- C:\Users\sushikiste\Desktop\epictest.mp3
[2010.06.14 16:09:03 | 000,138,968 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.06.14 16:08:55 | 000,214,592 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.06.13 18:57:30 | 000,000,712 | ---- | M] () -- C:\Users\sushikiste\Desktop\Audacity.lnk
[2010.06.13 18:57:13 | 002,228,534 | ---- | M] ( ) -- C:\Users\sushikiste\Desktop\audacity-win-1.2.6.exe
[2010.06.13 18:35:09 | 000,139,152 | ---- | M] () -- C:\Users\sushikiste\AppData\Roaming\PnkBstrK.sys
[2010.06.13 18:34:52 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010.06.13 18:31:09 | 005,866,600 | ---- | M] (Electronic Arts) -- C:\Users\sushikiste\Desktop\FIFAOnlineSetup.exe
[2010.06.11 22:32:51 | 000,000,606 | ---- | M] () -- C:\Users\sushikiste\Desktop\Wow - Verknüpfung.lnk
[2010.06.10 21:39:16 | 005,293,527 | ---- | M] () -- C:\Users\sushikiste\Desktop\LoLRoflcopteR.wmv
[2010.06.10 21:36:38 | 000,345,603 | ---- | M] () -- C:\Users\sushikiste\Desktop\LolRofl.wma
[2010.06.04 19:17:58 | 000,001,032 | ---- | M] () -- C:\Users\sushikiste\Desktop\DVDVideoSoft Free Studio.lnk
[2010.06.04 19:10:33 | 000,198,520 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-04 19-02-08-95.avi.sfk
[2010.06.04 19:04:21 | 2935,082,064 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-04 19-02-08-95.avi
[2010.06.02 21:16:08 | 000,000,959 | ---- | M] () -- C:\Users\sushikiste\Desktop\TeamSpeak 3 Client.lnk
[2010.06.01 22:10:57 | 868,713,536 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 22-10-16-74.avi
[2010.06.01 00:19:08 | 3102,811,456 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-17-03-84.avi
[2010.06.01 00:13:46 | 3414,904,832 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-11-20-69.avi
[2010.06.01 00:10:39 | 682,331,048 | ---- | M] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-10-11-06.avi
[2010.05.30 18:43:39 | 000,396,280 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-15-45-84.avi.sfk
[2010.05.30 07:43:01 | 3355,544,680 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-40-48-81.avi
[2010.05.30 07:40:48 | 4195,460,336 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-37-39-94.avi
[2010.05.30 07:25:51 | 391,843,272 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-25-14-96.avi
[2010.05.30 07:25:15 | 4195,222,904 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-20-33-37.avi
[2010.05.30 07:20:33 | 4195,088,192 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-15-45-84.avi
[2010.05.30 04:33:54 | 615,926,080 | ---- | M] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 04-33-00-22.avi
[2010.05.29 22:41:24 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Medieval II Total War.lnk
[2010.05.29 22:17:52 | 000,001,735 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.05.29 22:14:49 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.29 13:18:24 | 000,059,856 | ---- | M] () -- C:\Users\sushikiste\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.29 13:17:40 | 000,265,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.28 00:01:01 | 000,012,520 | ---- | M] () -- C:\Users\sushikiste\Documents\lol.mp3.sfk
[2010.05.27 23:58:52 | 000,145,030 | ---- | M] () -- C:\Users\sushikiste\Documents\lol.mp3
[2010.05.27 23:58:13 | 000,000,802 | ---- | M] () -- C:\Users\sushikiste\Desktop\Audio Recorder Pro.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.24 13:32:27 | 000,000,302 | -H-- | C] () -- C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2010.06.24 13:32:24 | 000,000,302 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010.06.24 12:35:45 | 000,163,328 | ---- | C] () -- C:\Users\sushikiste\Desktop\Yfr.exe
[2010.06.23 19:50:29 | 000,001,834 | ---- | C] () -- C:\Users\sushikiste\Desktop\HijackThis.lnk
[2010.06.21 17:54:37 | 006,879,088 | ---- | C] () -- C:\Users\sushikiste\Desktop\beathiphoplol.mp3
[2010.06.21 17:53:53 | 000,384,160 | ---- | C] () -- C:\Users\sushikiste\Desktop\Hip hop Beat in Fl studio 8 (Free MP3 Download).sfk
[2010.06.21 17:47:04 | 000,025,194 | ---- | C] () -- C:\Users\sushikiste\Desktop\saftig.jpg
[2010.06.20 22:42:19 | 000,023,976 | ---- | C] () -- C:\Users\sushikiste\Documents\Wow 2010-06-20 22-41-12-53.avi.sfk
[2010.06.20 22:41:12 | 447,565,544 | ---- | C] () -- C:\Users\sushikiste\Documents\Wow 2010-06-20 22-41-12-53.avi
[2010.06.18 14:07:22 | 000,000,600 | ---- | C] () -- C:\Users\sushikiste\Documents\Standard.sfvidcap
[2010.06.16 23:22:37 | 000,022,496 | ---- | C] () -- C:\Users\sushikiste\Desktop\lolol.sfk
[2010.06.16 23:22:25 | 002,871,340 | ---- | C] () -- C:\Users\sushikiste\Desktop\lolol.wav
[2010.06.16 23:09:15 | 006,341,539 | ---- | C] () -- C:\Users\sushikiste\Desktop\joshasascha.wmv
[2010.06.16 20:51:05 | 001,177,289 | ---- | C] () -- C:\Users\sushikiste\Desktop\peaceisalie.mp3
[2010.06.16 17:26:13 | 038,965,292 | ---- | C] () -- C:\Users\sushikiste\Desktop\Inner Circle - Sweat [A la la la la long] (Instrumental).wav
[2010.06.16 16:54:13 | 049,164,332 | ---- | C] () -- C:\Users\sushikiste\Desktop\Hip hop Beat in Fl studio 8 (Free MP3 Download).wav
[2010.06.15 00:04:38 | 002,042,465 | ---- | C] () -- C:\Users\sushikiste\Desktop\epictest.mp3
[2010.06.13 18:57:30 | 000,000,712 | ---- | C] () -- C:\Users\sushikiste\Desktop\Audacity.lnk
[2010.06.13 18:53:43 | 000,214,592 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.06.13 18:35:10 | 000,138,968 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.06.13 18:35:09 | 000,139,152 | ---- | C] () -- C:\Users\sushikiste\AppData\Roaming\PnkBstrK.sys
[2010.06.13 18:34:54 | 000,214,592 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.06.13 18:34:52 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010.06.13 18:34:52 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.06.11 22:32:51 | 000,000,606 | ---- | C] () -- C:\Users\sushikiste\Desktop\Wow - Verknüpfung.lnk
[2010.06.10 21:37:55 | 005,293,527 | ---- | C] () -- C:\Users\sushikiste\Desktop\LoLRoflcopteR.wmv
[2010.06.10 21:36:38 | 000,345,603 | ---- | C] () -- C:\Users\sushikiste\Desktop\LolRofl.wma
[2010.06.04 19:17:58 | 000,001,032 | ---- | C] () -- C:\Users\sushikiste\Desktop\DVDVideoSoft Free Studio.lnk
[2010.06.04 19:10:29 | 000,198,520 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-04 19-02-08-95.avi.sfk
[2010.06.04 19:02:08 | 2935,082,064 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-04 19-02-08-95.avi
[2010.06.01 22:10:16 | 868,713,536 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 22-10-16-74.avi
[2010.06.01 00:17:03 | 3102,811,456 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-17-03-84.avi
[2010.06.01 00:11:20 | 3414,904,832 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-11-20-69.avi
[2010.06.01 00:10:11 | 682,331,048 | ---- | C] () -- C:\Users\sushikiste\Documents\League of Legends 2010-06-01 00-10-11-06.avi
[2010.05.30 18:43:01 | 000,396,280 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-15-45-84.avi.sfk
[2010.05.30 07:40:48 | 3355,544,680 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-40-48-81.avi
[2010.05.30 07:37:39 | 4195,460,336 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-37-39-94.avi
[2010.05.30 07:25:14 | 391,843,272 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-25-14-96.avi
[2010.05.30 07:20:33 | 4195,222,904 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-20-33-37.avi
[2010.05.30 07:15:45 | 4195,088,192 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 07-15-45-84.avi
[2010.05.30 04:33:00 | 615,926,080 | ---- | C] () -- C:\Users\sushikiste\Documents\medieval2 2010-05-30 04-33-00-22.avi
[2010.05.29 22:41:24 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Medieval II Total War.lnk
[2010.05.29 22:17:52 | 000,001,735 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.05.29 22:14:49 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.27 23:59:39 | 000,012,520 | ---- | C] () -- C:\Users\sushikiste\Documents\lol.mp3.sfk
[2010.05.27 23:58:42 | 000,145,030 | ---- | C] () -- C:\Users\sushikiste\Documents\lol.mp3
[2010.05.27 23:58:13 | 000,000,802 | ---- | C] () -- C:\Users\sushikiste\Desktop\Audio Recorder Pro.lnk
[2010.04.22 10:48:53 | 000,000,000 | ---- | C] () -- C:\Windows\I531_1013.INI
[2007.03.12 12:01:30 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Zeug:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Videos:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\sushikiste\Desktop\Musik:Roxio EMC Stream
< End of report >

OTL Logfile: Code:
OTL Extras logfile created on: 24.06.2010 13:34:23 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Users\sushikiste\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,04 Gb Total Space | 142,35 Gb Free Space | 49,42% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 5,83 Gb Free Space | 58,30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SUSHIKISTE-PC
Current User Name: sushikiste
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{174032D4-5922-4FD3-B911-C93DEE7D08DB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2E22349C-19F9-4AEB-8E4D-F26553FF796F}" = lport=6975 | protocol=17 | dir=in | name=league of legends launcher |
"{40A2B1D4-461D-4978-A149-E4D249CA9669}" = lport=6930 | protocol=6 | dir=in | name=league of legends launcher |
"{51E9C210-18A1-4FCF-A408-5DE58F135716}" = lport=6930 | protocol=17 | dir=in | name=league of legends launcher |
"{895B5833-ACBB-44EB-BBDB-23A957760230}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8B052060-58D1-4978-BC8B-15AAF815C78F}" = lport=6975 | protocol=6 | dir=in | name=league of legends launcher |
"{8B920C42-3DB4-4989-A33E-FB076FC96DB3}" = lport=8394 | protocol=17 | dir=in | name=league of legends launcher |
"{A101703D-12EE-4407-AD2E-BF1DB1C8AC95}" = lport=8394 | protocol=6 | dir=in | name=league of legends launcher |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08E95800-5724-409A-AB51-249DFD858CB2}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{39188A78-79C6-43D4-9742-59E8907E8CFD}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{3DE38FB3-644D-4E2C-AAA7-3D37BC040E98}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{4276ACED-900F-4F02-9809-170D5419283C}" = protocol=17 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{66E6D965-A7FA-4222-9F28-EFDB6B315170}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{772E2233-F2F5-4EC8-BC93-166DF8FD7B8B}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{7C0DA0F3-2550-4444-97BA-5D28405FE2C4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{80A190B6-9BF0-4C4D-A3C3-CEC2B8E6282D}" = protocol=6 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{81A6B814-2EBD-49AC-82DE-60E9073226EA}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{84F43093-CA1A-4631-AC9F-E0E03F5284B6}" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{8EB3297E-FEC9-494F-B1FD-4DDEA159F2CC}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{A7BEBE6F-3F91-48BB-BD2F-D9CA3257599B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{AA8D778D-7678-4B40-A456-26FAE20C87C3}" = protocol=6 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{AD51EDD3-FAB6-47B0-AE47-397CABE3FABC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AD7D7896-4C5B-4ECE-B807-5CE2ED46D306}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{AE7EFB78-E63B-4A6F-9F40-D551BC922539}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{AFC6AB1A-5962-444C-B782-F0302723A211}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{B268C401-25FB-4570-9177-4D0DABDACA88}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B6246E90-7276-4BF8-87FA-90A06003633E}" = protocol=17 | dir=in | app=c:\program files\icq7.1\aolload.exe |
"{B86C0FE9-2196-4379-A832-9C4D5B465F47}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{BE50E380-F664-49C4-A748-BD5395B77FE4}" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"{C1FFA3C9-594E-452A-9115-00F6405E6228}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C75F760D-70DC-4B09-903A-311C21DE96B6}" = protocol=17 | dir=in | app=c:\program files\league of legends\air\lolclient.exe |
"{C8DA3027-A243-4F93-97CA-DFD70CC53975}" = protocol=6 | dir=in | app=c:\program files\league of legends\game\league of legends.exe |
"{D2286D3D-0B96-4317-9566-62E6FC9F5583}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F55A049C-E8C6-4CFE-AFD1-79F74E89363E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8503D22-A725-4AA5-8B92-4909AED843EC}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{1D8716D5-5AAD-4984-B6DD-82C649B9AACD}C:\users\sushikiste\desktop\world of warcraft papa\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe" = protocol=6 | dir=in | app=c:\users\sushikiste\desktop\world of warcraft papa\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe |
"TCP Query User{1F6D77E3-ECBA-484B-A637-6FDE926D6EE7}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{21B09996-06F4-43E4-B908-510B54924B6B}C:\users\sushikiste\desktop\loleudownloader.exe" = protocol=6 | dir=in | app=c:\users\sushikiste\desktop\loleudownloader.exe |
"TCP Query User{3EC295E9-CF8A-4D17-9855-0AD43B27A890}C:\program files\icq7.1\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.1\icq.exe |
"TCP Query User{B4A000B1-4233-4339-91C2-E75AACC0F2B0}C:\program files\ea sports\fifa online\nfe.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\fifa online\nfe.exe |
"UDP Query User{1DA99920-2D07-4951-88A7-2243EA41B4B5}C:\program files\ea sports\fifa online\nfe.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\fifa online\nfe.exe |
"UDP Query User{20223B92-A882-495D-A342-8534D7431287}C:\program files\icq7.1\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.1\icq.exe |
"UDP Query User{5DF47BED-0E00-44E5-85F8-D1E32FF6A91A}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{9CF36258-5BF6-48ED-B73C-612C36277E00}C:\users\sushikiste\desktop\world of warcraft papa\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe" = protocol=17 | dir=in | app=c:\users\sushikiste\desktop\world of warcraft papa\wow-3.0.1-to-3.0.2-dede-win-update-downloader.exe |
"UDP Query User{E7A97AD9-6A07-4BF7-A971-56B588234440}C:\users\sushikiste\desktop\loleudownloader.exe" = protocol=17 | dir=in | app=c:\users\sushikiste\desktop\loleudownloader.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{109945A8-D8D5-48B8-B4A5-195D3F99B56D}" = Logitech GamePanel Software 3.04.143
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.005.00
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{49058C21-E4F6-4A99-B715-D62715E0A2A2}" = Vegas Pro 9.0
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{6FE3B0CE-37C1-4825-908A-5A84C9B4EC2F}" = EA SPORTS(TM) FIFA Online
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{BBF10B37-4ED3-11D5-A818-00500435FC18}" = Gothic
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"1EC636D2DBA2D9924E02E10DA797DEC16306C1A9" = Windows Driver Package - Logitech HIDClass (10/16/2006 1.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AMDAway INF" = AMDAway INF
"Audacity_is1" = Audacity 1.2.6
"Audio Recorder Pro_is1" = Audio Recorder Pro 3.70
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.1
"Free YouTube Download_is1" = Free YouTube Download 2.6
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"Gothic II - Die Nacht des Raben" = Gothic II - Die Nacht des Raben
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"League of Legends_is1" = League of Legends
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McLoad Preinstaller" = McLoad Preinstaller
"MicRO 1.00" = MicRO 1.00
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"Precision" = EVGA Precision 1.7.1
"PunkBusterSvc" = PunkBuster Services
"SearchAnonymizer" = SearchAnonymizer
"SpeedFan" = SpeedFan (remove only)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Gothic Texture Patch - Freddy" = Freddy's Texture Patch BETA
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.05.2010 16:34:36 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Medieval_TW.EXE, Version 1.0.0.0, Zeitstempel
0x3f6824c2, fehlerhaftes Modul BugslayerUtil.dll, Version 6.0.6000.16386, Zeitstempel
0x4549bdc9, Ausnahmecode 0xc0000135, Fehleroffset 0x00008fc7, Prozess-ID 0x5f4,
Anwendungsstartzeit 01cb003783d8a95d.
Error - 30.05.2010 16:34:43 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Medieval_TW.EXE, Version 1.0.0.0, Zeitstempel
0x3f6824c2, fehlerhaftes Modul BugslayerUtil.dll, Version 6.0.6000.16386, Zeitstempel
0x4549bdc9, Ausnahmecode 0xc0000135, Fehleroffset 0x00008fc7, Prozess-ID 0x13fc,
Anwendungsstartzeit 01cb003788c0eaed.
Error - 01.06.2010 16:10:58 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung League of Legends.exe, Version 1.0.0.85, Zeitstempel
0x4be49c6b, fehlerhaftes Modul BugSplat.dll, Version 3.1.0.161, Zeitstempel 0x49c2b714,
Ausnahmecode 0xc0000005, Fehleroffset 0x00005ec2, Prozess-ID 0x1664, Anwendungsstartzeit
01cb01c64a98b6cd.
Error - 04.06.2010 14:49:37 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Dwm.exe, Version 6.0.6000.16386, Zeitstempel
0x4549aed1, fehlerhaftes Modul FRAPS.DLL_unloaded, Version 0.0.0.0, Zeitstempel
0x4a98b803, Ausnahmecode 0xc0000005, Fehleroffset 0x63587204, Prozess-ID 0xae4,
Anwendungsstartzeit 01cb03d943c0544e.
Error - 04.06.2010 14:49:37 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Taskmgr.exe, Version 6.0.6000.16386, Zeitstempel
0x4549b0b0, fehlerhaftes Modul FRAPS.DLL_unloaded, Version 0.0.0.0, Zeitstempel
0x4a98b803, Ausnahmecode 0xc0000005, Fehleroffset 0x63587204, Prozess-ID 0x15bc,
Anwendungsstartzeit 01cb0416abd24406.
Error - 04.06.2010 14:49:37 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung lol.launcher.exe, Version 1.0.0.29, Zeitstempel
0x4babcbed, fehlerhaftes Modul FRAPS.DLL_unloaded, Version 0.0.0.0, Zeitstempel
0x4a98b803, Ausnahmecode 0xc0000005, Fehleroffset 0x63587204, Prozess-ID 0xd70,
Anwendungsstartzeit 01cb041674ec2876.
Error - 04.06.2010 14:49:38 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung LOLClient.exe, Version 1.5.0.7220, Zeitstempel
0x49080dd2, fehlerhaftes Modul FRAPS.DLL_unloaded, Version 0.0.0.0, Zeitstempel
0x4a98b803, Ausnahmecode 0xc0000005, Fehleroffset 0x63587204, Prozess-ID 0xff0,
Anwendungsstartzeit 01cb041676b1f456.
Error - 06.06.2010 09:51:43 | Computer Name = sushikiste-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.0.6000.16771 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: b8c Anfangszeit: 01cb056999d6d6a3 Zeitpunkt
der Beendigung: 99
Error - 11.06.2010 16:06:42 | Computer Name = sushikiste-PC | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.2.0.3129 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: de4 Anfangszeit: 01cb09a17b57edbc Zeitpunkt der Beendigung:
295
Error - 13.06.2010 13:04:02 | Computer Name = sushikiste-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung audacity.exe, Version 0.0.0.0, Zeitstempel 0x455814e4,
fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9, Ausnahmecode
0xc0000005, Fehleroffset 0x0003b15f, Prozess-ID 0xb0c, Anwendungsstartzeit 01cb0b19835f5abf.
[ System Events ]
Error - 23.04.2010 07:51:40 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.04.2010 07:51:40 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.04.2010 07:51:40 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.04.2010 07:51:40 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 23.04.2010 07:51:40 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.04.2010 07:51:40 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.04.2010 07:51:40 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.04.2010 07:51:40 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 23.04.2010 07:52:01 | Computer Name = sushikiste-PC | Source = DCOM | ID = 10005
Description =
Error - 23.04.2010 07:55:04 | Computer Name = sushikiste-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >